cpack hangs on security related issue #160

Closed
dtgm opened this issue Mar 10, 2015 · 7 comments

dtgm commented Mar 10, 2015

Upgraded from 0.9.9-rc5 to 0.9.9.1

Has any change been made between the above versions that may cause cpack to hang when called from a Ketarin C# script with cmd.exe? Has the format for arguments changed?

```csharp
// Launch "cpack" through cmd.exe from the package directory, with no visible window.
System.Diagnostics.Process process = new System.Diagnostics.Process();
System.Diagnostics.ProcessStartInfo proc = new System.Diagnostics.ProcessStartInfo();
proc.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;
proc.UseShellExecute = true;
proc.WorkingDirectory = pkgPath;  // equiv to "C:\path\to\pkg\"
proc.FileName = "cmd.exe";
proc.Arguments = "/c " + "cpack";
process.StartInfo = proc;
process.Start();
```

The nuspec file contains:

```xml
<files>
  <file src="tools\**" target="tools" />
</files>
```

It appears it cannot find the "tools" directory despite using proc.WorkingDirectory. It looks like cpack now requires explicitly declaring the location of the NUSPEC file, choco pack [<path to nuspec>] [<options/switches>], so I tried:

```csharp
proc.Arguments = "/c " + @"cpack C:\path\to\pkg\pkg.nuspec";
```

But this also hangs. With Process Explorer it looks like C:\ProgramData\chocolatey\bin\choco.exe (version 0.5.1.0) spawns child-process C:\ProgramData\chocolatey\choco.exe (version 0.9.9.2).

Note, just in case I also tried:

```csharp
proc.Arguments = "/c " + @"cd C:\path\to\pkg && choco pack C:\path\to\pkg\pkg.nuspec";
```

However, if I change the cmd.exe arguments to `proc.Arguments = "/c " + "mkdir testdir";`, then "testdir" is created just fine.

EDIT: I also tried updating to 0.9.9.2, same issue.


dtgm commented Mar 10, 2015

This is a permissions error caused by me.

cmd.exe /c choco pack was being run as a user and looking at the log indicated it was expecting to run as an admin.

C:\ProgramData\chocolatey\logs\chocolatey.log:

```
2015-03-09 19:24:38,452 [INFO ] - ============================================================
2015-03-09 19:24:38,483 [INFO ] - Chocolatey v0.9.9.2
2015-03-09 19:24:38,489 [DEBUG] - Chocolatey is running on Windows v 6.3.9600.0
2015-03-09 19:24:38,508 [INFO ] - 
Chocolatey detected you are not running from an elevated command shell
 (cmd/powershell). You may experience errors - many functions/packages
 require admin rights. Only advanced users should run choco w/out an
 elevated shell. When you open the command shell, you should ensure 
 that you do so with "Run as Administrator" selected.

 Do you want to continue?
2015-03-09 19:24:38,514 [INFO ] -  1) yes
2015-03-09 19:24:38,515 [INFO ] -  2) no [Default - Press Enter]
```

dtgm closed this as completed Mar 10, 2015

@ferventcoder
Member

Please reopen. No reason this should happen on pack and push. Ugh. Thanks for finding the issue.

On Tuesday, March 10, 2015, dtgm notifications@github.com wrote:

Closed #160 #160.


Rob
"Be passionate in all you do"

http://devlicio.us/blogs/rob_reynolds
http://ferventcoder.com
http://twitter.com/ferventcoder


dtgm commented Mar 11, 2015

Negative. I'll see if I can duplicate the issue before reopening.

I believe my particular issue was I was editing files with an improperly set up cygwin install. Editing files via cygwin was modifying permissions to an invalid SID. I haven't had time to verify this yet, but running ketarin with admin privileges skirts the problem.


dtgm commented Mar 11, 2015

On reflection I'll reopen since choco should not hang if inadequate perms.

This is not necessarily an issue between 0.9.9-rc5 and 0.9.9.1.

What tipped me off was C:\ProgramData\chocolatey\logs\chocolatey.log was not getting written to with -d because I had probably saved it at some point in cygwin. After renaming the log, I was able to get the log as shown above.

If I remember correctly, procmon showed choco.exe was continually trying to read a file (maybe config) it did not have perms to read.

dtgm reopened this Mar 11, 2015

dtgm commented Mar 11, 2015

I still had procmon open.

choco.exe pack was trying to write to C:\ProgramData\chocolatey\logs\chocolatey.log but received ACCESS DENIED.

It would try continually closing and writing to same file without delay.

After renaming chocolatey.log I still had unrelated perm issues, but cpack would write to the file and quit.


dtgm commented Mar 11, 2015

For the related 2nd issue, I received the error in log "Chocolatey detected you are not running from an elevated command shell..." because it appears choco.exe could not read the choco config file and determined it does not have the proper perms.

Perhaps returning a simple "Could not read file FOO" would work better.
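
An added example (not part of the original thread, and not Ketarin or Chocolatey code) of launching `choco pack` from a host program so that neither failure traced above stalls it silently: it checks that the log file is writable, then runs the child with closed stdin, captured output and a timeout. `ChocoPackRunner`, its return codes and its parameters are hypothetical; it assumes .NET Framework on Windows with `choco` and `taskkill` on PATH.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Text;

static class ChocoPackRunner
{
    // Hypothetical helper. Returns the child's exit code, -1 if it was killed
    // after timeoutMs, or -2 if the log file cannot be opened for writing.
    public static int Run(string pkgPath, string logPath, int timeoutMs, out string output)
    {
        // Pre-flight: the thread traced the hang to ACCESS DENIED on chocolatey.log.
        if (File.Exists(logPath))
        {
            try { using (File.Open(logPath, FileMode.Append, FileAccess.Write, FileShare.ReadWrite)) { } }
            catch (UnauthorizedAccessException e)
            { output = "Cannot write " + logPath + ": " + e.Message; return -2; }
        }
        var psi = new ProcessStartInfo("cmd.exe", "/c choco pack")
        {
            WorkingDirectory = pkgPath,
            UseShellExecute = false,        // required for stream redirection
            CreateNoWindow = true,
            RedirectStandardInput = true,
            RedirectStandardOutput = true,
            RedirectStandardError = true
        };
        var buf = new StringBuilder();
        using (var p = new Process { StartInfo = psi })
        {
            DataReceivedEventHandler onLine = (s, e) => { if (e.Data != null) lock (buf) buf.AppendLine(e.Data); };
            p.OutputDataReceived += onLine;
            p.ErrorDataReceived += onLine;
            p.Start();
            p.BeginOutputReadLine(); p.BeginErrorReadLine();
            p.StandardInput.Close();        // a prompt gets end-of-input, not a console nobody can see
            if (p.WaitForExit(timeoutMs))
            {
                p.WaitForExit();            // let the async readers drain
                lock (buf) output = buf.ToString();
                return p.ExitCode;
            }
            // Timed out: kill the whole tree (cmd.exe -> choco shim -> choco.exe).
            var kill = new ProcessStartInfo("taskkill", "/T /F /PID " + p.Id) { UseShellExecute = false, CreateNoWindow = true };
            using (var k = Process.Start(kill)) k.WaitForExit();
            lock (buf) output = buf.ToString();
            return -1;
        }
    }
}
```

On a timeout the captured output still contains whatever the child printed, so a prompt such as the elevation warning shown in the log above is visible to the caller instead of being hidden behind the window style.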

ferventcoder changed the title from "cpack hangs; issue somewhere between 0.9.9-rc5 and 0.9.9.1" to "cpack hangs on security related issue" Mar 13, 2015
ferventcoder added this to the 0.9.9.3 milestone Mar 13, 2015
ferventcoder modified the milestones: 0.9.9.3, 0.9.9.5 Mar 30, 2015
ferventcoder added a commit that referenced this issue Apr 14, 2015:
Do not issue an administrator warning with a pause unless the command being run requests that it may need administrative rights.

@ferventcoder
Member

This should be fixed in 0.9.9.5. Thanks for reporting!
